$OpenBSD: patch-modules_m_links_c,v 1.1 2010/02/01 09:23:33 jasper Exp $

Security fix for CVE-2009-4016, "IRCD-hybrid 'LINKS' Command
Integer Underflow Vulnerability.
Patch from upstream svn, revision 1044.

--- modules/m_links.c.orig	Mon Feb  1 09:19:14 2010
+++ modules/m_links.c	Mon Feb  1 09:20:09 2010
@@ -83,15 +83,11 @@ do_links(struct Client *source_p, int parc, char **par
 {
   if (IsOper(source_p) || !ConfigServerHide.flatten_links)
   {
-    char *mask = (parc > 2 ? parv[2] : parv[1]);
+    const char *mask = (parc > 2 ? parv[2] : parv[1]);
     const char *me_name, *nick, *p;
     struct Client *target_p;
-    char clean_mask[2 * HOSTLEN + 4];
     dlink_node *ptr;
 
-    if (!EmptyString(mask))    /* only necessary if there is a mask */
-      mask = collapse(clean_string(clean_mask, (const unsigned char*) mask, 2 * HOSTLEN));
-
     me_name = ID_or_name(&me, source_p->from);
     nick = ID_or_name(source_p, source_p->from);
 
@@ -162,8 +158,8 @@ m_links(struct Client *client_p, struct Client *source
                me.name, source_p->name);
     return;
   }
-  else
-    last_used = CurrentTime;
+
+  last_used = CurrentTime;
 
   if (!ConfigServerHide.flatten_links)
   {
